Merge pull request #2150 from pussycat0x/master

New templates added

vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml

@@ -6,10 +6,12 @@ info:
   description: Searches for sensitive directories present in the wordpress-plugins plugin.
   reference: https://www.exploit-db.com/ghdb/6455
   tags: wordpress,listing,wp-plugin
+
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/"
+
     matchers-condition: and
     matchers:
       - type: word

vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml

@@ -3,7 +3,7 @@ id: wordpress-bbpress-plugin-listing
 info:
   name: WordPress bbPress Plugin Directory Listing
   author: dhiyaneshDK
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the bbpress wordpress plugin.
   reference: https://www.exploit-db.com/ghdb/6158
   tags: wordpress,listing
@@ -12,6 +12,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/plugins/bbpress/"
+
     matchers-condition: and
     matchers:
       - type: word

vulnerabilities/wordpress/wordpress-debug-log.yaml

@@ -10,6 +10,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/debug.log"
+
     matchers-condition: and
     matchers:
       - type: word
@@ -18,10 +19,12 @@ requests:
           - text/plain
         part: header
         condition: or
+
       - type: regex
         regex:
           - "[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP"
         part: body
+
       - type: status
         status:
           - 200

vulnerabilities/wordpress/wordpress-directory-listing.yaml

@@ -13,11 +13,13 @@ requests:
       - "{{BaseURL}}/wp-content/themes/"
       - "{{BaseURL}}/wp-content/plugins/"
       - "{{BaseURL}}/wp-includes/"
+
     matchers-condition: and
     matchers:
       - type: status
         status:
           - 200
+
       - type: word
         words:
-          - Index of /
+          - "Index of /"

vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml

@@ -3,7 +3,7 @@ id: wordpress-elementor-plugin-listing
 info:
   name: WordPress Elementor Plugin Directory Listing
   author: dhiyaneshDK
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the elementor wordpress plugin.
   reference: https://www.exploit-db.com/ghdb/6297
   tags: wordpress,listing
@@ -12,6 +12,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/plugins/elementor/"
+
     matchers-condition: and
     matchers:
       - type: word

vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml

@@ -3,7 +3,7 @@ id: wordpress-gtranslate-plugin-listing
 info:
   name: WordPress gtranslate Plugin Directory Listing
   author: dhiyaneshDK
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the gtranslate wordpress plugin.
   reference: https://www.exploit-db.com/ghdb/6160
   tags: wordpress,listing
@@ -12,6 +12,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/plugins/gtranslate/"
+
     matchers-condition: and
     matchers:
       - type: word

vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml

@@ -3,7 +3,7 @@ id: wordpress-redirection-plugin-listing
 info:
   name: WordPress Redirection Plugin Directory Listing
   author: dhiyaneshDk
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the wordpress-redirection plugin.
   reference: https://www.exploit-db.com/ghdb/6436
   tags: wordpress,listing

vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml

@@ -3,7 +3,7 @@ id: wordpress-woocommerce-listing
 info:
   name: WordPress Woocommerce Plugin Directory Listing
   author: dhiyaneshDK
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the woocommerce wordpress plugin.
   reference: https://www.exploit-db.com/ghdb/6192
   tags: wordpress,listing

vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml

@@ -6,15 +6,15 @@ info:
   severity: high
   description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials
   tags: wordpress,plugin
-
+  references: |
-  # References:
+      - https://www.exploit-db.com/exploits/48910
-  # - [1] https://www.exploit-db.com/exploits/48910
+      - https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/
-  # - [2] https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-json/wp/v2/lesson/1"
+
     matchers-condition: and
     matchers:
       - type: regex
@@ -23,10 +23,12 @@ requests:
           - "\"(guid|title|content|excerpt)\":{\"rendered\":"
         condition: or
         part: body
+
       - type: word
         words:
           - "application/json"
         part: header
+
       - type: status
         status:
           - 200

vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml

@@ -3,7 +3,7 @@ id: wp-123contactform-plugin-listing
 info:
   name: WordPress 123ContactForm Plugin Directory Listing
   author: pussycat0x
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the wordpress-plugins plugin.
   reference: |
      - https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html

vulnerabilities/wordpress/wp-arforms-listing.yaml

@@ -0,0 +1,28 @@
+id: wp-arforms-listing
+info:
+  name: WordPress Plugin Arforms Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: https://www.exploit-db.com/ghdb/6424
+  tags: wordpress,listing
+
+requests:
+
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/arforms/"
+
+    matchers-condition: and
+
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/arforms/"
+        condition: and
+
+      - type: status
+
+        status:
+          - 200

vulnerabilities/wordpress/wp-email-subscribers-listing.yaml

@@ -0,0 +1,26 @@
+id: wp-email-subscribers-listing
+info:
+  name: WordPress Plugin Email Subscribers Listing
+  author: pussycat0x
+  severity: low
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: https://www.exploit-db.com/ghdb/6428
+  tags: wordpress,listing
+
+requests:
+
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/email-subscribers"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/email-subscribers"
+        condition: and
+
+      - type: status
+
+        status:
+          - 200

vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml

@@ -0,0 +1,27 @@
+id: wp-idx-broker-platinum-listing
+info:
+  name: WordPress Plugin Idx Broker Platinum Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: https://www.exploit-db.com/ghdb/6416
+  tags: wordpress,listing
+
+requests:
+
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/idx-broker-platinum/"
+
+    matchers-condition: and
+
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/idx-broker-platinum/"
+        condition: and
+
+      - type: status
+        status:
+          - 200

vulnerabilities/wordpress/wp-iwp-client-listing.yaml

@@ -0,0 +1,25 @@
+id: wp-iwp-client-listing
+info:
+  name: WordPress Plugin Iwp-client Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: https://www.exploit-db.com/ghdb/6427
+  tags: wordpress,listing
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/iwp-client/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/iwp-client/"
+        condition: and
+
+      - type: status
+        status:
+          - 200

vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml

@@ -3,7 +3,7 @@ id: wp-plugin-1-flashgallery-listing
 info:
   name: WordPress 1 flash gallery listing
   author: pussycat0x
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the wordpress-plugins plugin.
   reference: https://www.exploit-db.com/ghdb/6978
   tags: wordpress,listing

vulnerabilities/wordpress/wp-plugin-lifterlms.yaml

@@ -3,7 +3,7 @@ id: wordpress-plugins-lifterlms
 info:
   name: WordPress Plugin lifterlms Listing
   author: pussycat0x
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the wordpress-plugins plugin.
   reference: https://www.exploit-db.com/ghdb/6420
   tags: wordpress,listing

vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml

@@ -3,7 +3,7 @@ id: wordpress-plugins-ultimate-member
 info:
   name: WordPress Plugin Ultimate Member
   author: pussycat0x
-  severity: low
+  severity: info
   description: Searches for sensitive directories present in the wordpress-plugins plugin.
   reference: https://www.exploit-db.com/ghdb/6998
   tags: wordpress,listing

vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml

@@ -0,0 +1,26 @@
+id: wp-sfwd-lms-listing
+
+info:
+  name: WordPress Plugin Sfwd-lms Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  reference: https://www.exploit-db.com/ghdb/6426
+  tags: wordpress,listing
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/sfwd-lms/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/sfwd-lms"
+        condition: and
+
+      - type: status
+        status:
+          - 200